Optimizing Decision Tree Attack on CAS Scheme
In this paper we show a successful side-channel timing attack on a well-known high-complexity cognitive authentication (CAS) scheme. We exploit the weakness of CAS scheme that comes from the asymmetry of the virtual interface and graphical layout which results in nonuniform human behavior during t...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Stefan cel Mare University of Suceava
2016-05-01
|
| Series: | Advances in Electrical and Computer Engineering |
| Subjects: | |
| Online Access: | http://dx.doi.org/10.4316/AECE.2016.02010 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850174471099383808 |
|---|---|
| author | PERKOVIC, T. BUGARIC, M. CAGALJ, M. |
| author_facet | PERKOVIC, T. BUGARIC, M. CAGALJ, M. |
| author_sort | PERKOVIC, T. |
| collection | DOAJ |
| description | In this paper we show a successful side-channel timing attack on a well-known high-complexity cognitive
authentication (CAS) scheme. We exploit the weakness of CAS scheme that comes from the asymmetry of the
virtual interface and graphical layout which results in nonuniform human behavior during the login
procedure, leading to detectable variations in user's response times. We optimized a well-known
probabilistic decision tree attack on CAS scheme by introducing this timing information into the
attack. We show that the developed classifier could be used to significantly reduce the number of
login sessions required to break the CAS scheme. |
| format | Article |
| id | doaj-art-ce7f93a44add490ab5cd03c99897df88 |
| institution | OA Journals |
| issn | 1582-7445 1844-7600 |
| language | English |
| publishDate | 2016-05-01 |
| publisher | Stefan cel Mare University of Suceava |
| record_format | Article |
| series | Advances in Electrical and Computer Engineering |
| spelling | doaj-art-ce7f93a44add490ab5cd03c99897df882025-08-20T02:19:38ZengStefan cel Mare University of SuceavaAdvances in Electrical and Computer Engineering1582-74451844-76002016-05-01162697410.4316/AECE.2016.02010Optimizing Decision Tree Attack on CAS SchemePERKOVIC, T.BUGARIC, M.CAGALJ, M.In this paper we show a successful side-channel timing attack on a well-known high-complexity cognitive authentication (CAS) scheme. We exploit the weakness of CAS scheme that comes from the asymmetry of the virtual interface and graphical layout which results in nonuniform human behavior during the login procedure, leading to detectable variations in user's response times. We optimized a well-known probabilistic decision tree attack on CAS scheme by introducing this timing information into the attack. We show that the developed classifier could be used to significantly reduce the number of login sessions required to break the CAS scheme.http://dx.doi.org/10.4316/AECE.2016.02010ac voltage regulatorbuck-boost converterpwmthd |
| spellingShingle | PERKOVIC, T. BUGARIC, M. CAGALJ, M. Optimizing Decision Tree Attack on CAS Scheme Advances in Electrical and Computer Engineering ac voltage regulator buck-boost converter pwm thd |
| title | Optimizing Decision Tree Attack on CAS Scheme |
| title_full | Optimizing Decision Tree Attack on CAS Scheme |
| title_fullStr | Optimizing Decision Tree Attack on CAS Scheme |
| title_full_unstemmed | Optimizing Decision Tree Attack on CAS Scheme |
| title_short | Optimizing Decision Tree Attack on CAS Scheme |
| title_sort | optimizing decision tree attack on cas scheme |
| topic | ac voltage regulator buck-boost converter pwm thd |
| url | http://dx.doi.org/10.4316/AECE.2016.02010 |
| work_keys_str_mv | AT perkovict optimizingdecisiontreeattackoncasscheme AT bugaricm optimizingdecisiontreeattackoncasscheme AT cagaljm optimizingdecisiontreeattackoncasscheme |